I received my FritzBox 7170 today, as a present from XS4ALL for renewing my ADSL subscription for another year (cheap deal — I would have done that anyway). And it totally blows away my Thompson Speedtouch!
As regular readers of this blog may remember, the Speedtouch doesn’t properly support the “exposed host” feature, whereby all incoming traffic on any port is redirected to a single machine on the internal network, in combination with Voice Over IP. I eventually came up with a really crappy workaround for that, but it never really worked nicely. Also, I never quite managed to explain to the Speedtouch that when a machine on the internal network tried to access 188.8.131.52, it should be sent to the internal address of my server, rather than get stuck in a loop trying to forward traffic to itself.
Well, the FritzBox didn’t have either of these problems. Port forwarding was just a few mouse-clicks away, and configuring VOIP in combination with that was trivially easy. Despite the fact that the router seems to have much more options than my Speedtouch (in ‘Expert mode’, at least), it is much easier to configure thanks to the well-organized menu structure.
So now I have it setup exactly the way I want it: all external traffic gets forwarder to my Linux server at 10.0.0.1, VOIP is handled by the FritzBox (I can even connect my ISDN modem to it!) and when a machine on the WLAN wants to access mwolf.net, it gets sent to 10.0.0.1 as it should. I couldn’t be happier.
Except.. There is one setting in the menu which worries me a bit. On the “Provider Services” tab of the “Network” menu, there is an option called “Permit automatic updates” which apparently allows my service provider to change the device’s settings without having to ask my permission. This setting is enabled and the checkbox is greyed-out so that I cannot disable it:
[caption id=“” align=“alignnone” width=“750” caption=“Suspicious checkbox”][/caption]
Needless to say, I don’t really like the idea of anybody being able to mess around with the gateway to my local network without my consent. Now, I do generally trust XS4ALL, which has a reputation to uphold when it comes to respecting its users’ digital autonomy and privacy, so I assume that there’s an innocent reason for the fact that this checkbox cannot be easily unchecked by the user. I have already mailed AVM, the makers of the FritzBox, about this, and I plan to contact XS4ALL tomorrow. Let’s see what they say about it.
UPDATE: false alarm, fortunately! Turns out it’s just a bit of a misleading user interface. The “permit automatic updates” option is dependent on the “allow automatic configuration” option above it. So when the latter is disabled, the former becomes greyed-out because it is no longer applicable. However, the software remembers what it was set to, resulting in a checkbox which incorrectly suggests that it is still enabled. If it makes you feel better, you can temporarily re-enable the “allow automatic configuration” option, then uncheck the “permit automatic updates” box and then disable automatic configuration again.